TudbuT/conduit
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2626 commits 50 branches 7 tags 14 MiB
Commit graph

1590 commits

Author SHA1 Message Date
strawberry
02bc818633 match explicit URI to see if we should authenticate the user 
first attempt at forcing an endpoint to be authenticated

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-25 19:28:33 -05:00
strawberry
9d0c85ab17 use ruma JsOption, bump figment 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-25 19:28:33 -05:00
strawberry
4e8823dedb add warning about outgoing presence PDU/EDU relationship 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-25 19:28:33 -05:00
strawberry
11bc725268 return joined member count of room for pushrules instead of hardcoded 10 
im not sure what the TODO is trying to say here,
but since it's many years old and conduwuit is
fast, i dont see an issue with this.

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-25 19:28:33 -05:00
strawberry
b50c47e1c2 silence loud tower_http errors (move to info) 
these are benign errors that are from things like
conduwuit fetching remote media from dead servers

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-25 19:28:33 -05:00
strawberry
34bac4d1d9 support sending well_known client response in /login using well_known_client 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-25 19:28:33 -05:00
strawberry
cf62cb0d0a send avatar_url on invite member events like synapse 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-25 19:28:33 -05:00
strawberry
f275a0dfbe fix obvious copy-paste error 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-25 19:28:33 -05:00
strawberry
fae00e5136 remove rocksdb_max_open_files option 
default for RocksDB is -1 and conduwuit already raises the
soft and hard nofile limits at startup.

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-25 19:28:33 -05:00
strawberry
6ffc54e241 support blocking servers from fetching remote media from 
akin to synapse's `prevent_media_downloads_from`

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-17 23:57:45 -05:00
strawberry
1a06c8c9d3 more error checking for deserialising events and canonical JSON 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-17 23:57:45 -05:00
strawberry
c83acabfb0 return proper error if we fail to convert to canonical JSON 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-17 23:57:45 -05:00
strawberry
3d6b499b88 log error and PDU for failed auth checks 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-17 23:57:45 -05:00
strawberry
3ffca25f6f update few endpoint docs versions 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-17 23:57:45 -05:00
strawberry
2bbc75d68e why did i have to run cargo fmt twice 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-17 14:26:26 -05:00
strawberry
40f5345586 fix formatting and links of user reports more 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-17 14:26:26 -05:00
strawberry
e944ed5eb4 fix /report endpoint a lot 
in short, the `/report` endpoint now checks if:
- the reporting room in the URI matches the PDU/event reported
- sender user is in the room reported
- raises report reasoning to 750 characters (spec doesn't say to limit
these, but thorough and informative reports for server admins are not
a bad thing)
- (hopefully) fixes some broken formatting
- add a random short delay before sending a successful response to the
client to make it more annoying to enumerate for events on our server
(security by obscurity but spec suggests it)

basically, secure reports better lol

see https://spec.matrix.org/v1.9/client-server-api/#post_matrixclientv3roomsroomidreporteventid

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-17 14:26:26 -05:00
strawberry
7eb57a9fd5 explicitly fallback to None for invalid/empty room topics 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-17 14:26:26 -05:00
strawberry
9a3866afff return M_INVALID_PARAM instead of M_BAD_JSON for bad room aliases 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-17 14:26:26 -05:00
strawberry
92641d0628 first of many small code documentation 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-17 14:26:26 -05:00
strawberry
ad1d272e2a fix blocks_in_conditions clippy lint 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-17 14:26:26 -05:00
strawberry
8d42351e34 add presence options to show-config admin cmd 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-17 14:26:26 -05:00
strawberry
a85ebdeaa0 require sender_user being in the reporting room for /report events 
Matrix 1.8 change:
https://spec.matrix.org/v1.9/client-server-api/#post_matrixclientv3roomsroomidreporteventid

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-17 14:26:26 -05:00
strawberry
bfc738d80e default to None for room topic event in spaces or /publicRooms 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-17 14:26:26 -05:00
strawberry
59c7f93656 fix more clippy lints (part 1) 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-17 14:26:26 -05:00
strawberry
2074e36aa4 add missing ban reason to ban events 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
2f16726bac raise generated passwords to 25 chars 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
2b031e40a2 partially revert keeping track of remote user profiles 
this seems to require some more work to properly ignore
dead server errors without breaking the entire room join

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
149d22eef7 make set avatar, displayname, and blurhash async and forgot another let _ 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
9ec1532580 ignore potential errors when updating user profiles 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
0297cfe307 remove cached destination for a destination if request fails 
this can help if users change their well-known or such and we don't want
to keep on hitting the old destination.

from 11357d1f1a

Co-authored-by: Jacob Taylor <jacob@explodie.org>
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
ad792f4565 oops dedup only works on consecutive elements 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
52884abff6 don't validate or add signature if room is not v8 or above or not using restricted joins 
should resolve https://github.com/matrix-org/matrix-spec/issues/1708 on
for conduwuit until spec clarifies.

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
5c4b8ad7a3 replace panics on unknown room versions with errors 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
c70ce49ec0 don't allow non-local users to have their creds modified in Deactivate admin cmds 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
edd74efbf2 dedup servers in get_alias_helper 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
da539efb98 only follow up to 6 redirects in default reqwest ClientBuilder 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
ae11e378d2 debug log well-known response body and text 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
14a0d12002 declare support for Matrix 1.5 in our federation requests 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
0b0b52c33b add all possible workspace clippy lints (with commenting out most for now) 
this will be a major pain to work through. for now, let's
just add them and overtime work through these.

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
49b6f338fd feat: suggest servers to join at /_matrix/client/v3/directory/room/{roomAlias} 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
ee2f1c3084 the great persy, sled, and heed purge (and bump MSRV to 1.74.1) 
these database backends are either unmaintained, broken in conduit, or
incredibly niche for something like conduwuit.

also i want to bump the MSRV.

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
b28a2fad97 feat: keep track of remote profiles for user directory and local requests 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
ef8dcdfe3c declare explicit support for room filtering (MSC3827) 
conduit has supported this for a while now and is a Matrix 1.4 feature

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
c75674faf5 bump default_presence_offline_timeout to 30 minutes (too low imo) 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
85b2c6681b allow HEAD HTTP requests in CORS 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
20aa2cfca6 update device lists for user upon logout 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
7021c52c9b send a User-Agent on all requests 
amazing that this wasn't done in the first place. a lack of a UA is
suspicious and some providers may block our requests just for the sake
of no UA.

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-07 22:26:27 -05:00
strawberry
8586b15e1a add support for serving client+server well-known and /client/server.json endpoints from conduwuit 
the last endpoint is a non-standard health check endpoint used by at
least Element Web as a weird way to determine if syncv3 is available

there can also be some valid use-cases for serving well-knowns from the
application itself

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-07 22:26:27 -05:00
strawberry
bb2f213ac3 more helpful panic msg on failing to increase soft/hard FD limits 
this can be caused by security policies, hardening, etc

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-07 22:26:27 -05:00
strawberry
1308574db0 bump ruma to latest commit (syncv3 JsOption and push optional power levels) 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-07 22:26:27 -05:00
strawberry
5422d0cedd declare support for various missing matrix versions 
this is another one of those things that upstream has neglected

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-07 22:26:27 -05:00
strawberry
2161630b54 raise reqwest client timeout to 300 seconds 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-06 16:16:44 -05:00
strawberry
3ba129e80c remove unnecessary else logic in sha256_media db migration 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-06 16:16:44 -05:00
strawberry
3723d37b14 raise report reason limit to 500 (though spec doesnt say to limit these) 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-06 16:16:44 -05:00
strawberry
d56e76c23e raise various timeouts, make exp backoff consistent 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-06 16:16:44 -05:00
strawberry
06e0360142 change welcome message 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2023-12-25 17:07:24 -05:00
strawberry
91c7c15bb3 log where we are listening at/on 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2023-12-25 17:07:24 -05:00
strawberry
7e447765fe remove warning in error message, drop 2nd error down to warn 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2023-12-25 17:07:24 -05:00
strawberry
09d0c13d6f remove unused config global function 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2023-12-25 17:07:24 -05:00
strawberry
d4c360c135 replace run_server() unwrap just to be safe 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2023-12-25 17:07:24 -05:00
strawberry
757ba60ff9 add comment about the blocking await above this config check 
comment saying this would have been nice. moved the config checks above
that blocking call.

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2023-12-25 17:07:24 -05:00
strawberry
071f9959a6 remove false_fn as just default alone always evaluates to false 
ideally we could just do true/false but it is almost 2024 and this is
not possible in serde.

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2023-12-25 17:07:24 -05:00
strawberry
d214371423 add option for explicit opt-in allow open registration and make it clear 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2023-12-25 17:07:24 -05:00
strawberry
5e641e2886 move default rocksdb logging from info to warn 
info is still logging useless database statistics and metrics that will
accumulate, less I/O activity.

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2023-12-25 17:07:24 -05:00
strawberry
14fc20e31e cargo fmt 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2023-12-25 11:09:19 -05:00
Val Lorentz
89c3679e9a Add missing pub key in send_join handling 2023-12-25 11:09:19 -05:00
Val Lorentz
33cae7eaab Explicitly match RoomVersionId::V11 2023-12-25 11:09:19 -05:00
Val Lorentz
f3045be622 Reuse existing get_room_version 2023-12-25 11:09:19 -05:00
Nineko
fdc3e07be6
feat: replaced flaky argon2 with better argon2 crate (#37) 
* feat: replaced flaky argon2 with better argon2 crate

* fix: applied cargo fmt nightly

* docs: added comment specifying what the settings for Argon2 mean

* fix: made hashing error a bit more descriptive

* fix: fixed incorrect value for Kib
 2023-12-25 10:28:56 -05:00
Charles Hall
629efaa910 use constructor to avoid deprecation warnings 2023-12-24 01:05:13 -05:00
strawberry
5bb6128149 remove wrong else logic 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2023-12-23 11:49:14 -05:00
strawberry
dd8a6ede09 dont allow guest registration if registration disabled with token configured 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2023-12-23 11:49:14 -05:00
strawberry
6664259e64 forbid guest users from registering if no real admin user exists 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2023-12-23 11:49:14 -05:00
strawberry
01a8f6323d log next steps if a guest account registered and attempted to get admin 
this might be an unreachable state with the next commit, but let's be
extra sure here just in case a guest still managed to register before
a real admin was created.

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2023-12-23 11:49:14 -05:00
strawberry
dc73df763a don't grant guest users admin, slight user + guest logging improvements 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2023-12-23 11:49:14 -05:00
strawberry
b0fdc1351b add config option for guest registration, make guest registration respect allow_registration 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2023-12-23 11:49:14 -05:00
Charles Hall
d76ea86909 update opentelemetry things 
Upstream's changelogs are unhelpful :/
 2023-12-22 18:24:03 -05:00
Jakub Kubík
cc4e6e213f fix(sync): correctly update presence properties 2023-12-20 21:50:18 -05:00
Jakub Kubík
69025d30f7 style(presence): use flat_map instead of matching Results in filter 2023-12-20 21:50:13 -05:00
strawberry
e93b4aa08e fix typo 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2023-12-20 21:46:54 -05:00
Charles Hall
311c7d83ca fix rustdoc warnings 
Also removed all instances of `#[command(verbatim_doc_comment)]` because
I'm pretty sure it's not necessary anymore. The `[commandbody]` things
were making rustdoc upset about broken link syntax. I also normalized
"code-block" to "code block" in that file since the latter appears more
often.
 2023-12-20 21:46:54 -05:00
strawberry
8454773275 log rejected sendjoin, remove unnecessary clone 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2023-12-03 20:20:25 -05:00
strawberry
d9d1ce3cb5 fix refering uninit static, use upstream rocksdb again, don't compile debug info 
even rust-analyzer themselves don't compile with debug info because it
makes cargo checks and builds in general a lot longer. helps speed
things up and we mainly care about panics/stacktraces and compiler
errors.

https://github.com/rust-lang/rust-analyzer/blob/master/Cargo.toml#L12-L15

upstream rust-rocksdb is active again finally

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2023-12-03 01:00:23 -05:00
strawberry
4d52dd2f44 use puppy check for updates endpoint 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2023-12-02 21:45:09 -05:00
strawberry
f62f641545 add rocksdb configurable options and tweaks, logging improvements, exp. room v11 support 
split out the spinning disk focused options into a configurable option, current
conduwuit users are NVMe/SSDs anyways so those options are just hindering performance.

rocksdb logging builds up overtime with no cleanup or anything, adds support for
configuring the amount of logging, size of files, log rotate, etc.
fixes https://gitlab.com/girlbossceo/conduwuit/-/issues/1

misc conduit logging improvements for help debugging issues and maybe a future feature

experimental Room V11 support from https://gitlab.com/famedly/conduit/-/merge_requests/562

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2023-12-02 21:30:06 -05:00
strawberry
56e4166ee8 never let clippy fail, use CARGO_PKG_NAME, allow issues on gh, simplify regex a tad 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2023-11-29 23:19:53 -05:00
strawberry
87d6a17f0a fix all the warnings!!!! (0 clippy and rustc warnings now) 
too many changes to list, codebase significantly better than it was a few weeks ago though

Signed-off-by: strawberry <june@girlboss.ceo>
 2023-11-29 21:36:02 -05:00
strawberry
20b686cac5 add some ruma features, fix futures warning 
Signed-off-by: strawberry <june@girlboss.ceo>
 2023-11-27 21:34:45 -05:00
strawberry
b06ed1b92f remove # from internal room ID list 
internal room IDs do not have #, they start with !

Signed-off-by: strawberry <june@girlboss.ceo>
 2023-11-27 01:35:30 -05:00
strawberry
e2ec2a98ba make rooms alias list command more nicer 
room IDs in conduit have a server name attached to them already
outputting the server name again just makes it look incorrect

also add codeblock to the internal room ID portion

Signed-off-by: strawberry <june@girlboss.ceo>
 2023-11-27 01:25:20 -05:00
strawberry
54a3f47851 fix every clippy warning possible, remove io_uring as default feature 
this project's codebase is so horrendous, im shocked that no one has ran
clippy at all. it had ~200 total lint warnings, some with performance
issues and unsoundness, and the rest just very ugly codebase. i have sat
down and fixed as many of these as possible and i am exhausted.
i haven't fixed some extremely complex ones, but i brought it down from
~200 to ~30.

i have also removed io_uring as a default feature due to it falling
under the same category as linux eBPF: major kernel attack surface for
minimal performance gains. this also makes it impossible to cross-compile
from macOS to Linux because io_uring does not exist in Darwin land.
there are far better ways to achieve better performance than io_uring on
the codebase level.

Signed-off-by: strawberry <june@girlboss.ceo>
 2023-11-27 00:50:55 -05:00
tezlm
19d1b484e0 split out room info into its own function 2023-11-26 22:16:38 -05:00
tezlm
c2b103514b Make commands plural 2023-11-26 22:16:38 -05:00
tezlm
5fc5076517 Room directory admin commands 2023-11-26 22:16:32 -05:00
tezlm
b30884c7ac reply to messages 2023-11-26 22:14:59 -05:00
tezlm
ebb94341c8 Admin room alias commands 
- room alias set
- room alias remove
- room alias which
- room alias list
 2023-11-26 22:14:59 -05:00
tezlm
6fdeec1108 Add appservice show command to show config 2023-11-26 22:14:59 -05:00
tezlm
562eaa1dea Allow using languages in code blocks. 
```yaml
This works now
```
 2023-11-26 22:14:59 -05:00
tezlm
3e9c564209 Rework admin commands to use subcommands. 
This commit doesn't add, remove, or change any
commands, it only organizes them
 2023-11-26 22:14:59 -05:00
strawberry
5106203d67 drop iouring, add 2 info logs, silence clippy warning 
iouring falls into the same category as eBPF and is a major source of kernel vulnerabilities. the benefits gained here are too minimal to bother keeping this enabled, and makes cross-compiling from macOS impossible

Signed-off-by: strawberry <june@girlboss.ceo>
 2023-11-26 22:14:59 -05:00
strawberry
dd544fad29 use cache_capacity_modifier for spaces/hierarchy cache 
Signed-off-by: strawberry <strawberry@pupbrain.dev>
 2023-11-26 22:14:59 -05:00
strawberry
2dc1c1fdcb fix clippy performance and sus warnings, remove 1 unwrap, forgot to increment db version 
Signed-off-by: strawberry <strawberry@pupbrain.dev>
 2023-11-26 22:14:43 -05:00
strawberry
b4e2f7ca37 log error for invalid room member events in db 
Signed-off-by: strawberry <strawberry@pupbrain.dev>
 2023-11-25 20:42:38 -05:00
AndSDev
d13e3827ce feat: send push notification on invite to invited user and etc 2023-11-25 20:28:25 -05:00
strawberry
6958c720d0 make pdu stuff async, remove unnecessary db version check 
Signed-off-by: strawberry <strawberry@pupbrain.dev>
 2023-11-25 18:29:38 -05:00
strawberry
4d7b5eb759 add version argument, move import to test body 
Signed-off-by: strawberry <strawberry@pupbrain.dev>
 2023-11-25 15:53:33 -05:00
strawberry
8fffb6ea04 fix compilation with no zstd, use correct key, bump 2 deps 
Signed-off-by: strawberry <strawberry@pupbrain.dev>
 2023-11-25 15:46:03 -05:00
strawberry
0c4604b482 bump ruma, add wrong room keys error code, tiny logging change 
can't update ruma to very latest commit because of the weird JsOption thing for syncv4 that i can't wrap my head around how to use, not important anyways

Signed-off-by: strawberry <strawberry@pupbrain.dev>
 2023-11-25 12:42:05 -05:00
strawberry
e9cd8caaed add feature flagged support for migrating from base64 file name keys to sha256 ones 
core implementation and tests from https://gitlab.com/famedly/conduit/-/merge_requests/467
feature flag, base64 encode update, and tweaks were me

Signed-off-by: strawberry <strawberry@pupbrain.dev>
 2023-11-25 11:38:28 -05:00
Val Lorentz
d092820699 Fetch server keys concurrently 
This speeds up handling of /_matrix/federation/v1/send/:transaction_id
when more than one event contains unknown keys.

In particular, when receiving multiple PDUs with dead servers in their
auth chain, timeouts of each server accumulate and can make handling of
incoming requests take several minutes, to the point the client closes
the connection (eg. matrix.org has a 2 minute timeout), causing new
events to be dropped eventually.
 2023-11-25 11:38:28 -05:00
strawberry
87d1040386 bump various deps (except for the HTTP libs currently), use my 
rust-rocksdb fork, add optional opt-in zstd response body compression
config, add webp support for images

cant upgrade things like axum, http, tower, hyper, etc due to the 1.0
release of http which are breaking all of these libs

Signed-off-by: strawberry <strawberry@pupbrain.dev>
 2023-11-25 11:36:55 -05:00
girlbossceo
af1f7404f1 add notification_push_path global 
Signed-off-by: girlbossceo <june@girlboss.ceo>
 2023-10-28 23:43:41 -04:00
girlbossceo
16c3a38761 remove another unnecessary unwrap/expect 
Signed-off-by: girlbossceo <june@girlboss.ceo>
 2023-10-28 23:43:08 -04:00
girlbossceo
6931f4b778 reduce more unnecessary logging and improve a tad 
dead servers in rooms are not relevant to log, keep it as info/debug

Signed-off-by: girlbossceo <june@girlboss.ceo>
 2023-10-28 23:40:44 -04:00
girlbossceo
64084fb2d0 use a proper function for this instead of checking 200 
Signed-off-by: girlbossceo <june@girlboss.ceo>
 2023-10-28 22:36:47 -04:00
girlbossceo
9bb1dca5f1 mark unused variables as unusued 
Signed-off-by: girlbossceo <june@girlboss.ceo>
 2023-10-28 22:34:50 -04:00
girlbossceo
03af588efb don't unwrap reqwest requests for appservice and pushers too 
this is another denial of service vector, but less severe than the federation one.

Signed-off-by: girlbossceo <june@girlboss.ceo>
 2023-10-28 22:34:09 -04:00
girlbossceo
8b95399387 add support for modifying the default notification pusher path 
this is not officially in spec yet, but who cares? matrix team certainly doesn't care.

Signed-off-by: girlbossceo <june@girlboss.ceo>
 2023-10-28 22:31:11 -04:00
girlbossceo
b8acacfb3e use light owasp defs instead of argon2 defs 
the ones now used by default in rust-argon2 are extremely aggressive and
resource intensive. owasp's 2nd default is very reasonable with the same
security.

Signed-off-by: girlbossceo <june@girlboss.ceo>
 2023-10-28 22:15:36 -04:00
tezlm
23ec725923 remove unnecessary config overwrite 
Signed-off-by: girlbossceo <june@girlboss.ceo>
 2023-10-28 22:14:21 -04:00
girlbossceo
95187419f9 do not expect/unwrap requests 
causes tokio runtime worker to panic as we attempt to convert an HTTP
Request from ruma (try_into_http_request) into a reqwest Request so the
reqwest http client on the server can execute said request. error
message is not ideal ("invalid port number") but core issue is fixed.

Co-authored-by: infamous <ehuff007@gmail.com>
Signed-off-by: girlbossceo <june@girlboss.ceo>
 2023-10-28 09:05:23 -04:00
Jakub Kubík
58a83f06b1 feat(presence): add granular allow configuration 2023-10-21 22:31:16 -04:00
Jakub Kubík
ba03edfae9 feat(presence): implement presence functionality 2023-10-21 22:31:06 -04:00
girlbossceo
22eff2d29c clean up few unnecessary warnings 
Signed-off-by: girlbossceo <june@girlboss.ceo>
 2023-10-21 16:15:42 -04:00
girlbossceo
05c08c8529 fix device name federation control 
Signed-off-by: girlbossceo <june@girlboss.ceo>
 2023-10-21 12:19:21 -04:00
girlbossceo
6e46f56929 error log thing 
Signed-off-by: girlbossceo <june@girlboss.ceo>
 2023-10-21 12:18:59 -04:00
girlbossceo
a3d219e401 tweak rocksdb, use direct io 
Signed-off-by: girlbossceo <june@girlboss.ceo>
 2023-10-21 12:18:41 -04:00
girlbossceo
e486c35faa don't skip tracing for event_handler 
Signed-off-by: girlbossceo <june@girlboss.ceo>
 2023-09-24 13:01:54 -04:00
girlbossceo
f72fd67a71 remove dbg's, update rocksdb, use iouring 
Signed-off-by: girlbossceo <june@girlboss.ceo>
 2023-09-24 10:17:26 -04:00
girlbossceo
0390d19b56 log state res error 
Signed-off-by: girlbossceo <june@girlboss.ceo>
 2023-09-24 10:17:06 -04:00
girlbossceo
28b63e913f unix sockets 
Signed-off-by: girlbossceo <june@girlboss.ceo>
 2023-09-13 21:49:53 -04:00
girlbossceo
fda30f5602 fix: add destination field authorization handler (not my commit) 
Signed-off-by: girlbossceo <june@girlboss.ceo>
 2023-09-13 21:47:37 -04:00
girlbossceo
ebd2ec45b1 fix: Do not allow fetching cached remote users' profiles over federation (nyaaori) 
Signed-off-by: girlbossceo <june@girlboss.ceo>
 2023-09-13 21:47:37 -04:00
girlbossceo
1b75d384d7 option to control federating device display names 
Signed-off-by: girlbossceo <june@girlboss.ceo>
 2023-09-13 21:47:35 -04:00
girlbossceo
81e8df3102 options to control public room directory visibility 
Signed-off-by: girlbossceo <june@girlboss.ceo>
 2023-09-13 21:46:43 -04:00
girlbossceo
76c00283de woof woof 
Signed-off-by: girlbossceo <june@girlboss.ceo>
 2023-09-13 21:46:41 -04:00
Tobias Bucher
9c3b3daafc Use upstream reqwest instead of vendored one 
This uses the `ClientBuilder::dns_resolver` function that was added in
reqwest 0.11.13, instead of the homebrew `ClientBuilder::resolve_fn`.
 2023-09-13 21:46:06 -04:00
girlbossceo
42efc9deaf Implement UNIX sockets 
Initial implementation done in https://gitlab.com/famedly/conduit/-/merge_requests/507,
*substantially* reworked, corrected, improved by infamous <ehuff007@gmail.com>,
and few parts done by me.

Co-authored-by: infamous <ehuff007@gmail.com>
Signed-off-by: girlbossceo <june@girlboss.ceo>
 2023-09-13 20:49:02 -04:00
girlbossceo
618036dc31 support querying _matrix-fed and _matrix 
_matrix-fed is the new IANA registered SRV record service name
per MSC4040. _matrix is now considered deprecated in Matrix 1.8.
see 3.3 and 3.4 of https://spec.matrix.org/v1.8/server-server-api/#resolving-server-names

Signed-off-by: girlbossceo <june@girlboss.ceo>
 2023-09-13 20:36:03 -04:00
girlbossceo
6695b8d8b6 mark room versions 1 and 2 as unstable 
even though these rooms would be quite broken as they typically would be
super super old rooms, people seem to still complain about conduit not
"supporting" room versions 1 and 2. to make them happy, just make them
as unstable so they can at least join it.

Signed-off-by: girlbossceo <june@girlboss.ceo>
 2023-09-13 20:36:03 -04:00
girlbossceo
87c527ad79 remove unused trace 
Signed-off-by: girlbossceo <june@girlboss.ceo>
 2023-09-13 20:36:03 -04:00
girlbossceo
6e672a3592 mark room version 11 as unstable 
Signed-off-by: girlbossceo <june@girlboss.ceo>
 2023-09-13 20:36:03 -04:00
girlbossceo
40908b24e7 set default room version to 10 
this has been the new default since Matrix 1.6, and V10 has been flagged
as stable for a while in Conduit

Signed-off-by: girlbossceo <june@girlboss.ceo>
 2023-09-13 20:36:03 -04:00
Timo Kösters
3bfdae795d Merge branch 'sliding' into 'next' 
Sliding sync improvements and redaction fixes

See merge request famedly/conduit!549
 2023-09-13 18:57:57 +00:00
Timo Kösters
75c80df271
Sliding sync improvements and redaction fixes 2023-09-13 20:54:53 +02:00
Timo Kösters
094cb888d4 Merge branch 'badacl' into 'next' 
fix: ACL error shouldn't break the whole request

See merge request famedly/conduit!542
 2023-09-13 18:46:03 +00:00
Timo Kösters
9b55ce933a
Back off from more events, don't retry auth events 2023-08-12 09:53:32 +02:00
Timo Kösters
f73a657a23
fix: ACL error shouldn't break the whole request 2023-08-11 20:29:22 +02:00
Timo Kösters
6dfb262ddf Merge branch 'patch-3' into 'next' 
log handling previous event time as debug

See merge request famedly/conduit!540
 2023-08-11 09:27:42 +00:00
Timo Kösters
11103a92ed
Do not show "Invalid room version" errors when server is not in room 2023-08-11 10:48:48 +02:00
girlbossceo
ce2017a10e log handling previous event time as debug 
Signed-off-by: girlbossceo <june@girlboss.ceo>
 2023-08-10 23:12:37 +00:00
Timo Kösters
19bfee1835
improvement: matrix.org is default trusted server if unspecified 2023-08-10 17:45:58 +02:00
Timo Kösters
606b25b9e7
improvement: more forgiving admin command syntax 2023-08-10 17:26:55 +02:00
Timo Kösters
fd9e52a559
More sanity checks 2023-08-10 11:45:31 +02:00
Timo Kösters
183558150d
fix: don't show removed rooms in space 2023-08-09 22:21:21 +02:00
Timo Kösters
c028e0553c
feat: registration tokens 2023-08-09 18:27:30 +02:00
Timo Kösters
3e518773e2 Merge branch 'improvements' into 'next' 
cross signing fixes

See merge request famedly/conduit!532
 2023-08-07 16:11:11 +00:00
Timo Kösters
d82c26f0a9
Avatars for sliding sync DMs 2023-08-07 17:54:08 +02:00
Timo Kösters
c1e2ffc0cd
improvement: maybe cross signing really works now 2023-08-07 13:55:44 +02:00
June
06fccbc340 debug log before and after nofile soft limit increases 
Signed-off-by: June <june@girlboss.ceo>
 2023-08-03 14:51:39 -10:00
girlbossceo
fbd8090b0b log room ID for invalid room topic event errors 
Signed-off-by: girlbossceo <june@girlboss.ceo>
 2023-08-03 08:54:47 -10:00
June
5a7bade476 update base64 to 0.21.2 
Signed-off-by: June <june@girlboss.ceo>
 2023-08-01 14:48:50 -10:00
Timo Kösters
d2bfcb018e Merge branch 'error-leak-fix' into 'next' 
sanitise potentially sensitive errors

See merge request famedly/conduit!523
 2023-08-01 11:25:06 +00:00
Timo Kösters
acfe381dd3
fix: threads get updated properly 
Workaround for element web while waiting for https://github.com/matrix-org/matrix-js-sdk/pull/3635
 2023-07-31 16:18:23 +02:00
girlbossceo
83805c66e5 sanitise potentially sensitive errors 
prevents errors like DB or I/O errors from leaking filesystem paths

Co-authored-by: infamous <ehuff007@gmail.com>
Signed-off-by: girlbossceo <june@girlboss.ceo>
 2023-07-30 17:30:16 +00:00
Timo Kösters
afd8112e25 Merge branch 'spaces' into 'next' 
Automatic update checker

See merge request famedly/conduit!522
 2023-07-29 19:55:51 +00:00
Timo Kösters
b8c164dc60
feat: version checker 2023-07-29 21:53:57 +02:00
girlbossceo
e2c914cc11 fix: s/ok_or/ok_or_else in relevant places 
Signed-off-by: girlbossceo <june@girlboss.ceo>
 2023-07-29 19:17:12 +00:00
Timo Kösters
da907451e7
Admin commands to sign and verify jsons 2023-07-29 20:00:12 +02:00
girlbossceo
d7061e6984 cargo fmt 
Signed-off-by: girlbossceo <june@girlboss.ceo>
 2023-07-29 14:30:48 +00:00
girlbossceo
3494d7759e Return "Hello from Conduit!" on the / route 
akin to Synapes's "It works!" page, removing an unnecessary warning
about / route being unknown

Signed-off-by: girlbossceo <june@girlboss.ceo>
 2023-07-29 14:29:26 +00:00
girlbossceo
cc5dcceacc Log the room ID, event ID, PDU, and event type where possible 
Signed-off-by: girlbossceo <june@girlboss.ceo>
 2023-07-29 14:29:26 +00:00
girlbossceo
863103450c Log the unknown login type in warning level 
Signed-off-by: girlbossceo <june@girlboss.ceo>
 2023-07-29 14:29:26 +00:00
girlbossceo
a0148a9996 Print relevant room ID and ACL'd server in informational level 
These are room ACLs, not server ACLs. Causes confusion where people
think their Conduit homeserver was ACL'd. Print where these are coming from
in informational level.

Signed-off-by: girlbossceo <june@girlboss.ceo>
 2023-07-29 14:29:26 +00:00
girlbossceo
1f867a2c86 Only print raw malformed JSON body in debug level 
Signed-off-by: girlbossceo <june@girlboss.ceo>
 2023-07-29 14:29:26 +00:00
Tobias Tom
7990822f72 It's ok not being able to find a .well-known response. 2023-07-28 16:26:40 +01:00
Timo Kösters
2a100412fa Merge branch 'relax-rocksdb' into 'next' 
relax recovery mode

See merge request famedly/conduit!516
 2023-07-27 06:12:31 +00:00
Charles Hall
9fb8498067
relax recovery mode 2023-07-26 15:32:36 -07:00
Charles Hall
291290db92
maximize fd limit 2023-07-26 13:24:44 -07:00
Timo Kösters
bf46829595
fix: spaces with restricted rooms 2023-07-26 08:34:12 +02:00
Timo Kösters
90a10c84ef Merge branch 'slidingfixes' into 'next' 
Better sliding sync

See merge request famedly/conduit!511
 2023-07-24 08:48:27 +00:00
Timo Kösters
d220641d64
Sliding sync subscriptions, e2ee, to_device messages 2023-07-24 10:42:52 +02:00
Timo Kösters
caddc656fb
slightly better sliding sync 2023-07-24 10:42:47 +02:00
Timo Kösters
a9ba067e77
fix: e2ee over federation 2023-07-16 16:50:03 +02:00
Timo Kösters
24402312c5
fix: could not verify own events 2023-07-15 23:43:25 +02:00
Timo Kösters
c3966f501c
fix: nheko e2ee verification bug 2023-07-10 23:10:27 +02:00
Timo Kösters
0b4e3de9c0
fix: spaces with restricted rooms 2023-07-10 16:28:08 +02:00
Timo Kösters
edd4a3733f
fix: actually clear memory in the admin commands 2023-07-10 16:27:42 +02:00
Timo Kösters
c17187777f
fix: never try federation with self 2023-07-10 16:26:36 +02:00
Timo Kösters
78e7b711df
fix: better sliding sync 2023-07-10 16:25:33 +02:00
Timo Kösters
e4f769963f
feat: very simple sliding sync implementation 2023-07-06 10:32:25 +02:00
Timo Kösters
f8a36e7554 Merge branch 'memory' into 'next' 
improvement: better memory usage and admin commands to analyze it

See merge request famedly/conduit!497
 2023-07-03 17:43:27 +00:00
Timo Kösters
a2c3256ced
improvement: better memory usage and admin commands to analyze it 2023-07-03 19:41:07 +02:00
Timo Kösters
833c1505f1 Merge branch 'hierarchy' into 'next' 
feat: space hierarchies

See merge request famedly/conduit!495
 2023-07-03 13:56:47 +00:00
Timo Kösters
bac13d08ae
fix: cache invalidation 2023-07-02 22:50:50 +02:00
Timo Kösters
9d49d599f3
feat: space hierarchies 2023-07-02 22:12:06 +02:00
Jonas Platte
0ded637b4a
Upgrade axum to 0.6 2023-06-29 11:20:52 +02:00
Timo Kösters
fd1ccbd3ad
improvement: randomize server order for alias joins 2023-06-28 17:44:30 +02:00
Timo Kösters
d64a56d88b
Do soft fail check before doing state res to allow leave events 2023-06-27 18:48:34 +02:00
Timo Kösters
be877ef719
Improve sync performance with more caching and wrapping things in Arcs to avoid copies 2023-06-27 13:15:11 +02:00
Timo Kösters
7c6d25dcd1
Do state res even if the event soft fails 2023-06-27 13:13:33 +02:00
Timo Kösters
72eb1972c1
Add relations endpoints, edits and threads work now 2023-06-26 12:38:51 +02:00
Timo Kösters
db6def8800
fix: send correct bearer token to appservices 2023-06-26 09:15:52 +02:00
Timo Kösters
49a0f3a60d
fix: /context for element android. start and end must be set even with limit=0 2023-06-26 08:33:31 +02:00
Timo Kösters
15cc801840
Disable compression, see https://en.wikipedia.org/wiki/BREACH 2023-06-25 23:43:54 +02:00
Timo Kösters
c7e0ea525a
feat: WIP relationships and threads 2023-06-25 19:40:33 +02:00
Timo Kösters
faa9208a3e
cargo fmt 2023-06-08 20:51:34 +02:00
Timo Kösters
1ea27c4f97
fix: restricted room error is now FORBIDDEN 2023-06-08 20:49:42 +02:00
Timo Kösters
422ee40107 Merge branch 'mr-conduit-appservice-login' into 'next' 
feat: support end to bridge encryption

See merge request famedly/conduit!454
 2023-05-26 12:48:23 +00:00
digital
664d6baace fix: make requested changes 2023-05-26 13:06:28 +02:00
Timo Kösters
49b5af6d45
chore: bump rocksdb 2023-05-21 13:41:51 +02:00
Timo Kösters
1f1444da8c Merge branch 'pushrules' into 'next' 
Improvements to pushrules endpoints

Closes #316

See merge request famedly/conduit!461
 2023-05-21 10:41:31 +00:00
Jonathan Flueren
f5e3b0e2dd Recognize admin commands without : after tag 
Very useful since many Matrix clients don't insert : after user tags
 2023-05-15 19:25:57 +00:00
Kévin Commaille
1929ca5d9d
Add a database migration to fix and update the default pushrules 2023-03-18 15:03:57 +01:00
Kévin Commaille
88c6bf7595
Always return an error if a push rule is not found 2023-03-18 15:03:57 +01:00
Kévin Commaille
4635644e21
Use the ruma methods for managing rulesets 2023-03-18 15:03:57 +01:00
Kévin Commaille
f53ecaa97d
Bump Ruma 2023-03-18 15:03:56 +01:00
Timo Kösters
2a7c4693b8
fix: don't accept new requests when shutting down 2023-03-18 08:58:20 +01:00
Timo Kösters
da3871f39a
fix: let requests continue event if client disconnects 2023-03-17 22:45:13 +01:00
Timo Kösters
42b12934e3
Don't crash when a room errors 2023-03-13 10:43:09 +01:00
Timo Kösters
63f787f635
Reduce logs from info to debug 2023-03-13 10:39:19 +01:00
Timo Kösters
a1bd348977
fix: history visibility 2023-03-13 10:39:19 +01:00
Timo Kösters
27f29ba699
fix: SRV lookups should end with a period 2023-03-13 10:39:19 +01:00
Timo Kösters
cb0ce5b08f
Logs for server resolution 2023-03-13 10:39:18 +01:00
Timo Kösters
b7c99788e4
All the logs 2023-03-13 10:39:18 +01:00
Timo Kösters
2316d89048
Even more logging 2023-03-13 10:39:18 +01:00
Timo Kösters
bde4880c1d
fix: don't unwrap server keys 2023-03-13 10:39:18 +01:00
Timo Kösters
8b648d0d3f
fix: force abort federation requests after 2 minutes 2023-03-13 10:39:18 +01:00
Timo Kösters
4617ee2b6b
More logging for remote joins 2023-03-13 10:39:18 +01:00
Timo Kösters
10fa686c77
feat: respect history visibility 2023-03-13 10:39:18 +01:00
Timo Kösters
2a16a5e967
fix: don't send nulls as unsigned content 2023-03-13 10:39:17 +01:00
Timo Kösters
2aa0a2474b
fix: ignore unparsable pdus in /send 2023-03-13 10:39:17 +01:00
Timo Kösters
d39003ffc0
Allow backfilling create event itself 2023-03-13 10:39:17 +01:00
Timo Kösters
eae0989c40
fix: refactor backfill and add support for search 2023-03-13 10:39:17 +01:00
Timo Kösters
17a6431f5f
fix: make backfilled events reachable 2023-03-13 10:39:17 +01:00
Timo Kösters
fcfb06ffa6
fix: allow handling create event itself 2023-03-13 10:39:17 +01:00
Timo Kösters
7bdd9660aa
feat: ask for backfill 2023-03-13 10:39:17 +01:00
Timo Kösters
23b18d71ee
feat: handle backfill requests 
Based on https://gitlab.com/famedly/conduit/-/merge_requests/421
 2023-03-13 10:39:16 +01:00
Timo Kösters
fc0aff20cf
fix: allow reactivation of users using reset-password admin command 2023-02-11 12:43:41 +01:00
Timo Kösters
a4f18f99ad
fix: ignore bad user ids 2023-02-07 16:29:41 +01:00
Jonathan de Jong
b158896396 Merge remote-tracking branch 'origin/next' into complement-improvements 2023-01-26 18:19:39 +01:00
Timo Kösters
f95dd4521c Merge branch 'validate-state-of-admins-room' into 'next' 
Validate PDU in admins room

See merge request famedly/conduit!382
 2023-01-24 13:46:49 +00:00
digital
4d589d9788 feat: support end to bridge encryption 
by implementing appservice logins
 2023-01-18 23:34:18 +01:00
Timo Kösters
809c9b4481
Maybe fix room joins 
This is a workaround for https://github.com/hyperium/hyper/issues/2312
 2023-01-14 21:20:16 +01:00
Timo Kösters
c7a7c913d4
Bump ruma 2022-12-21 14:08:08 +01:00
Timo Kösters
76a82339a2
tweak default rocksdb settings 2022-12-21 13:44:23 +01:00
Timo Kösters
94df9cdbba Merge branch 'Nyaaori/prev_events-config-option' into 'next' 
Make prev_events fetch limit configurable

See merge request famedly/conduit!422
 2022-12-21 11:06:42 +00:00
Nyaaori
7cc346bc18
feat: Implement membership ban/join/leave/invite reason support 2022-12-21 11:45:12 +01:00
Nyaaori
7c196f4e00
feat: Add max prev events config option, allowing adjusting limit for prev_events fetching 2022-12-21 10:55:32 +01:00